<?php
// This page is intended to be called via ajax and will return an error if there was a problem.
// If there wasn't a problem then it will return a "Success" which will allow the calling page
// to deal with it in whatever way it wants.
require_once($_SERVER['DOCUMENT_ROOT'].'/includes/site_defaults.php');
require_once($_SERVER['DOCUMENT_ROOT'].'/database/db.php');

// Start a session unless $_SESSION is already defined. The handler below reads
// $_SESSION['id'] as the owning contact and writes $_SESSION['dealer'].
if (isset($_SESSION) === false) {
	session_start();
}

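$errors = array();

// NOTE(review): this handler changes data on the strength of the session cookie alone;
// no anti-CSRF token is checked in this file. Confirm whether an include enforces one.

// Identity of the caller. Every statement below is scoped to this contact, so a
// missing or non-numeric session id is rejected before any SQL is built.
$contact_id = 0;
if (isset($_SESSION['id']) && is_scalar($_SESSION['id']) && ctype_digit((string) $_SESSION['id'])) {
	$contact_id = (int) $_SESSION['id'];
}

if ($contact_id < 1) {
	$errors[] = "You must be logged in to save a dealership.";
} elseif (! empty($_POST)) {

	// Validate the required fields from the post.
	// Each entry gives a friendly name of the field, a regular expression, and a failure message.
	// The patterns end in \z rather than $, because $ also matches before a trailing newline
	// and would let "12345\n" through as a zip code.
	$fields = array(
		'dealer_name'	=> array('Dealer Name', '/.+/', "Dealership Name is required."),
		'phone' 		=> array('Primary Phone', '/^[0-9]{10}\z/', "Phone number must be 10 digits only."),
		'address1' 		=> array('Address', '/.+/', "Address is required."),
		'city' 			=> array('City', '/.+/', "City is required."),
		'state' 		=> array('State', '/^[a-zA-Z]{2}\z/', "State must be two letters only."),
		'zip' 			=> array('Zip Code', '/^[0-9]{5}\z/', "Zip code must be 5 digits only."));

	// A field that is absent, or that arrives as an array (phone[]=...), is treated as an
	// empty string so it fails validation instead of raising a notice or warning.
	$values = array();
	foreach ($fields as $field => $options) {
		$value = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
		if (! preg_match($options[1], $value)) {
			$errors[] = $options[2];
		}
		$values[$field] = $value;
	}

	// Optional fields: no pattern, but still normalised to a string.
	foreach (array('address2', 'description') as $field) {
		$values[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
	}

	// dealership_id is placed in the WHERE clause as a number, so it must be an integer:
	// -1 requests a new dealership, a positive id names an existing one. Anything else
	// is refused rather than being copied into the statement.
	$raw_id = isset($_POST['dealership_id']) ? $_POST['dealership_id'] : null;
	$dealership_id = filter_var($raw_id, FILTER_VALIDATE_INT);
	$is_new = ($dealership_id === -1);
	if (! $is_new && ($dealership_id === false || $dealership_id < 1)) {
		$errors[] = "Dealership id is not valid.";
	}

	// Save the dealer info that was passed via post into the database.
	if (empty($errors)) {
		// GetSQLValueString comes from an include that is not shown here; it is presumed to
		// quote and escape text values. Verify that against its definition.
		if ($is_new) {
			// Create a new dealership owned by the logged-in contact.
			$i_stmt = sprintf("INSERT INTO dealerships
				( contact_id,
				dealer_name,
				phone,
				address1,
				address2,
				city,
				state_province,
				zip_postal,
				description ) VALUES (%d, %s, %s, %s, %s, %s, %s, %s, %s)",
				$contact_id,
				GetSQLValueString($values['dealer_name'], "text"),
				GetSQLValueString($values['phone'], "text"),
				GetSQLValueString($values['address1'], "text"),
				GetSQLValueString($values['address2'], "text"),
				GetSQLValueString($values['city'], "text"),
				GetSQLValueString(strtoupper($values['state']), "text"),
				GetSQLValueString($values['zip'], "text"),
				GetSQLValueString($values['description'], "text")
			);
		} else {
			// Update an existing dealership. The contact_id condition limits the update to
			// rows created by the caller, so a guessed id cannot overwrite another
			// contact's dealership.
			// NOTE(review): if an administrator role is meant to edit other contacts'
			// dealerships, that needs an explicit role check here.
			$i_stmt = sprintf("UPDATE dealerships SET
				dealer_name = %s,
				phone = %s,
				address1 = %s,
				address2 = %s,
				city = %s,
				state_province = %s,
				zip_postal = %s,
				description = %s
				WHERE id = %d AND contact_id = %d",
				GetSQLValueString($values['dealer_name'], "text"),
				GetSQLValueString($values['phone'], "text"),
				GetSQLValueString($values['address1'], "text"),
				GetSQLValueString($values['address2'], "text"),
				GetSQLValueString($values['city'], "text"),
				GetSQLValueString(strtoupper($values['state']), "text"),
				GetSQLValueString($values['zip'], "text"),
				GetSQLValueString($values['description'], "text"),
				$dealership_id,
				$contact_id
			);
		}

		// Driver errors go to the server log only. mysql_error() quotes part of the failed
		// statement, which is of no use to the caller and exposes schema details.
		if (! mysql_select_db($db_name, $db)) {
			error_log('dealership save: mysql_select_db failed: '.mysql_error());
			$errors[] = "The dealership could not be saved.";
		} else {
			$result = mysql_query($i_stmt);
			if ($result === false) {
				// Checked first: after a failed query mysql_affected_rows() returns -1,
				// which the former "== 0" test let through as a success.
				error_log('dealership save: query failed: '.mysql_error());
				$errors[] = "The dealership could not be saved.";
			} elseif (mysql_affected_rows() < 1) {
				// For the UPDATE, MySQL by default reports 0 both when no row matched and
				// when the submitted values equal the stored ones; both are reported as an
				// error, as before.
				$errors[] = "No rows were inserted";
			} else {
				// Update the contact is_dealer flag
				$u_stmt = sprintf("UPDATE contacts SET is_dealer = 1 WHERE id = %d", $contact_id);
				if (mysql_query($u_stmt) === false) {
					error_log('dealership save: contact flag update failed: '.mysql_error());
					$errors[] = "The dealership was saved but the contact could not be updated.";
				}
				$_SESSION['dealer'] = true;
			}
		}
	}
} else {
	$errors[] = "Form was empty.";
}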


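// Echo the response: the literal body "Success" when $errors is empty, otherwise a
// heading followed by one message per line.
if (! empty($errors)) {
	echo "Failed to create the dealership due to the following errors: <br/>";
	foreach ($errors as $error) {
		// Encode each message before output: anything in $errors that derives from the
		// database or the request must be inert if the calling page inserts this
		// response into the document as HTML.
		echo htmlspecialchars($error, ENT_QUOTES)."<br/>";
	}
} else {
	echo "Success";
}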


?>